/*
 * Copyright(C) Asiainfo All rights Reserved
 *
 * Modification  History:
 * Date          Author                Version        Discription
 * -----------------------------------------------------------------------------------
 * 2017-4-11       lincy@asiainfo.com      1.0            1.0
 * <修改原因描述>: 
 */
package com.yysoft.core.utils;

/**
 *<p>Title: 类操作说明注释</p>
 *<p>Description: </p>
 *<p>Company: asiainfo </p> 
 * @author lincy@asiainfo.com 
 * @date 2017-4-11 下午9:42:18
 */
public class EntryptUtil {
	
	public static final String HASH_ALGORITHM = "SHA-1";
	public static final int HASH_INTERATIONS = 1024;
	public static final int SALT_SIZE = 8;
	
	
	
	/**
	 * 生成安全的密码，生成随机的16位salt并经过1024次 sha-1 hash
	 */
	public static String entryptPassword(String plainPassword) {
		String plain = EncodeUtils.htmlUnescape(plainPassword);
		byte[] salt = Digests.generateSalt(SALT_SIZE);
		byte[] hashPassword = Digests.sha1(plain.getBytes(), salt, HASH_INTERATIONS);
		return EncodeUtils.hexEncode(salt) + EncodeUtils.hexEncode(hashPassword);
	}
	
	/**
	 * 验证密码
	 * @param plainPassword 明文密码
	 * @param password 密文密码
	 * @return 验证成功返回true
	 */
	public static boolean validatePassword(String plainPassword, String password) {
		String plain = EncodeUtils.htmlUnescape(plainPassword);
		byte[] salt = EncodeUtils.hexDecode(password.substring(0,16));
		byte[] hashPassword = Digests.sha1(plain.getBytes(), salt, HASH_INTERATIONS);
		return password.equals(EncodeUtils.hexEncode(salt) + EncodeUtils.hexEncode(hashPassword));
	}

	public static void main(String[] args) {
		System.out.println(entryptPassword("0000"));
		System.out.println(validatePassword("0000", "710e4ef7448263eeb8f89bcb04fce05b93c18e76453e8e67b600f5b5"));
	}

}
